US20020062443A1 - Method of providing time stamping service for setting client's system clock - Google Patents

Method of providing time stamping service for setting client's system clock Download PDF

Info

Publication number
US20020062443A1
US20020062443A1 US09/774,285 US77428501A US2002062443A1 US 20020062443 A1 US20020062443 A1 US 20020062443A1 US 77428501 A US77428501 A US 77428501A US 2002062443 A1 US2002062443 A1 US 2002062443A1
Authority
US
United States
Prior art keywords
message
value
time stamp
requester
authority server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US09/774,285
Other versions
US6915423B2 (en
Inventor
Young Lim
Kyung Kang
Seung Lee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
KT Corp
Original Assignee
KT Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by KT Corp filed Critical KT Corp
Assigned to KOREA TELECOM reassignment KOREA TELECOM ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: KANG, KYUNG-HEE, LEE, SEUNG-JAE, LIM, YOUNG-SOOK
Publication of US20020062443A1 publication Critical patent/US20020062443A1/en
Application granted granted Critical
Publication of US6915423B2 publication Critical patent/US6915423B2/en
Adjusted expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Definitions

  • the present invention relates in general to an information security field, and more particularly to a method of providing a time stamping service for setting a client's system clock, wherein a service provider providing a public key infrastructure-based security service safely receives reference time information from a reliable third-party system and re-sets the client's system clock on the basis of the received reference time information, so as to assure the reliability of the client's system clock.
  • the PKI-based security service requires accuracy of time for verification of a certificate, but may not be normally provided due to time errors of a client, resulting in the leakage of incomings.
  • the main object of a typical time stamping service is to certify that a specific document has existed at a predetermined point of time and thus guarantee the accuracy of time.
  • a system clock of a client employing the security service is generally used as the local time information. Provided that the system clock of the client is inaccurate, the security service will not be provided in spite of the fact that the certificate revocation list and certificate are valid.
  • the present invention has been made in view of the above problems, and it is an object of the present invention to provide a method of providing a time stamping service for setting a client's system clock, which is capable of adding/defining new services to predefined time stamp specifications for the setting of the client's system clock, modifying structures of TimeStampReq and TimeStampResp messages according to the service addition/definition, receiving time information from an objectively reliable time stamp using the modified message structures, and re-setting the client's system clock on the basis of the received time information.
  • a method of providing a time stamping service for setting a client's system clock comprising the first step of requesting the time stamping service of a time stamp authority server by a service requester; the second step of receiving the time stamping service request from the requester and creating and sending a response message corresponding thereto by the time stamp authority server; the third step of receiving the response message sent from the time stamp authority server and verifying the integrity thereof by the requester; the fourth step of downloading a certificate revocation list from a directory server and verifying the validity thereof by the requester; and the fifth step of downloading a certificate for an electronic signature of the time stamp authority server from the directory server, verifying an electronic signature value thereof and setting the client's system clock in accordance with the verified result by the requester.
  • FIG. 1 is a block diagram showing a hardware architecture for execution of a method of providing a time stamping service for setting a client's system clock in accordance with the present invention
  • FIGS. 2 a to 2 c are flowcharts illustrating the method of providing the time stamping service for setting the client's system clock in accordance with the present invention.
  • FIG. 3 is a flowchart illustrating a procedure of verifying the validity of a certificate revocation list in accordance with the present invention.
  • FIG. 1 there is shown in block form a hardware architecture for execution of a method of providing a time stamping service for setting a client's system clock in accordance with the present invention.
  • the reference numerals 1 and 2 denote first and second clients requesting time information, respectively.
  • the first client 1 has a personal computer (PC) environment
  • the second client 2 has a UNIX environment.
  • a time stamp authority (TSA) server 3 is operable in a UNIX-based system to provide reliable time information.
  • a directory server 4 is adapted to manage certificates for electronic signatures of the TSA server 3 .
  • This server 4 is one of unit systems for constructing a public key infrastructure, and manages certificates of all objects and a certificate revocation list.
  • the Internet 5 is a fundamental communication network among the first and second clients 1 and 2 , TSA server 3 and directory server 4 , and is based on a transmission control protocol/Internet protocol (TCP/IP) network or a telephone accessing network such as a point-to-point protocol (PPP) network.
  • TCP/IP transmission control protocol/Internet protocol
  • PPP point-to-point protocol
  • FIGS. 2 a to 2 c are flowcharts illustrating the method of providing the time stamping service for setting the client's system clock in accordance with the present invention. This method basically comprises five steps.
  • the present method comprises the first step of requesting the time stamping service of the TSA server 3 by a service requester, the second step of receiving the time stamping service request from the requester and creating and sending a response message corresponding thereto by the TSA server 3 , the third step of receiving the response message sent from the TSA server 3 and verifying the integrity thereof by the requester, the fourth step of downloading a certificate revocation list from the directory server 4 and verifying the validity thereof by the requester, and the fifth step of downloading a certificate for an electronic signature of the TSA server 3 from the directory server 4 , verifying an electronic signature value thereof and setting a system clock of the client 1 or 2 in accordance with the verified result by the requester.
  • the first step is composed of steps S 21 to S 23 in FIG. 2 a.
  • the requester first generates a random number with a given value and sets it as a nonce value of a service request message, or TimeStampReq message (S 21 ).
  • the requester sets a requestType parameter of the TimeStampReq message, defined in the present invention, to 2 , or a getBaseTime value, and adds the resulting structure to an extension field of the TimeStampReq message (S 22 ).
  • the requester fills other parameters of the TimeStampReq message with given values and then sends the resulting TimeStampReq message to the TSA server 3 (S 23 ).
  • the second step is composed of S 24 to S 28 in FIG. 2 a.
  • the second step includes a sequence of steps processed by the TSA server 3 .
  • the TSA server 3 first receives a service request message, or TimeStampReq message, sent from the requester (S 24 ).
  • the TSA server 3 authenticates and verifies the received TimeStampReq message (S 25 ).
  • the TSA server 3 processes the received TimeStampReq message as an erroneous message, sends the processed result to the requester and ends the corresponding process.
  • the TSA server 3 fills parameters of the response message, or TimeStampResp message, with given values (S 26 ).
  • the TSA server 3 extracts a TSTInfo structure from a TimeStampResp message structure created at the above step S 26 and, in turn, current time information, or a genTime value, from the extracted TSTInfo structure, calculates a message authentication code (MAC) value on the basis of the extracted genTime value and a nonce value, set by the requester and contained in the TimeStampReq message, and then sets the calculated MAC value and identifier information of an algorithm used for the calculation of the MAC value respectively in corresponding fields of a MacInfo structure proposed in the present invention (S 27 ).
  • MAC message authentication code
  • the TSA server 3 adds the resulting MacInfo structure to an extension field of the TSTInfo structure and thus completes the creation of the TimeStampResp message structure proposed in the present invention.
  • the TSA server 3 sends the response message, or TimeStampResp message, created through the above steps to the requester (S 28 ).
  • the third step is composed of S 29 to S 34 in FIG. 2 b.
  • the requester first receives the response message, or TimeStampResp message, sent from the TSA server 3 (S 29 ) and authenticates and verifies the received response message (S 30 ).
  • step S 30 If there is an error such as an ASN.1 NOTATION error at the above step S 30 , the requester processes the received response message as an erroneous message.
  • step S 30 If there is no error at the above step S 30 , the lower-order steps beginning with step S 31 are performed. That is, the requester extracts a TSTInfo structure from the TimeStampResp message and directly calculates a MAC value to check the integrity of the TimeStampResp message (S 31 ).
  • the requester For the calculation of the MAC value at the above step S 31 , the requester first extracts current time information, or a genTime value, from the extracted TSTInfo structure and finds a nonce value, set by the requester and sent to the time stamp authority server.
  • the requester directly calculates a MAC value on the basis of the extracted genTime value and the found nonce value.
  • the requester verifies the calculated MAC value to check whether the integrity of the received response message has been assured.
  • the requester first extracts a MacInfo structure proposed in the present invention from the TimeStampResp message sent from the time stamp authority server and, in turn, a MAC value from the extracted MacInfo structure and then compares the extracted MAC value with the MAC value calculated at the above step S 31 to determine whether the two MAC values are equal (S 32 ).
  • the requester recognizes that the current time information, or the genTime value, sent from the TSA server 3 was altered during the sending (S 33 ) and the system clock of the client 1 or 2 cannot thus be set because the integrity of the received response message has not been assured. As a result, the requester processes the received response message as an erroneous message (S 34 ).
  • the fourth step is composed of S 35 to S 37 in FIG. 2 b.
  • the requester first downloads the certificate revocation list (CRL) and the certificate for the electronic signature of the TSA server 3 from the directory server 4 , which manages certificates of all objects and the certificate revocation list (S 35 ).
  • CTL certificate revocation list
  • S 35 manages certificates of all objects and the certificate revocation list
  • the requester In order to verify the validity of the certificate revocation list downloaded from the directory server 4 on the basis of a genTime value contained in the response message sent from the TSA server 3 , the requester extracts time information set to thisUpdate and nextupdate values from the certificate revocation list (S 36 ).
  • the requester determines whether the genTime value is present between the thisUpdate and nextUpdate values, so as to determine whether the certificate revocation list is valid (S 37 ).
  • the requester Upon determining at the above step S 37 that the certificate revocation list is not valid, the requester recognizes that a signature value sent from the TSA server 3 (contained in a signature value field of a SignerInfo structure) cannot be verified (S 38 ) and the system clock of the client 1 or 2 cannot thus be set. As a result, the requester performs an associated error process (S 39 ).
  • the fifth step is composed of steps S 40 -S 51 in FIG. 2 c.
  • the requester finally determines whether a genTime value sent from the TSA server 3 is reliable, by verifying a signature value sent from the TSA server 3 .
  • the requester extracts desired information (S 40 ) from the certificate of the TSA server 3 and checks whether a serial number of the certificate of the TSA server 3 among the extracted information is present in the certificate revocation list (S 41 ).
  • the requester recognizes that the signature value sent from the TSA server 3 cannot be verified and the system clock of the client 1 or 2 cannot thus be set, and then performs an associated error process (S 42 and S 43 ).
  • the requester performs a pre-process for the verification of the signature value sent from the TSA server 3 .
  • the requester extracts a public key from the certificate for the electronic signature of the TSA server 3 , downloaded from the directory server 4 .
  • the requester extracts the signature value from a SignerInfo structure of the TimeStampResp message, decodes the extracted signature value using the extracted public key and extracts a hash value (referred to hereinafter as M1), or a digest value, from the decoded result (S 44 ).
  • M1 hash value
  • M1 hash value
  • S 44 digest value
  • the requester directly calculates a hash value (referred to hereinafter as M2) using a digest algorithm of the SignerInfo structure (S 45 ).
  • the requester compares the two hash values, or M1 and M2, with each other to determine whether they are equal (S 46 ). If M1 and M2 are not equal, the requester recognizes that the time stamp authority server sending the TimeStampResp message is not valid and the client's system clock cannot thus be set, and then performs an associated error process (S 47 and S 48 ).
  • the requester sets the client's system clock on the basis of a genTime value extracted from the TimeStampResp message (S 50 ) and then performs the subsequent service (S 51 ).
  • FIG. 3 is a flowchart illustrating a procedure of verifying the validity of a certificate revocation list in accordance with the present invention.
  • the PKI-based security service cannot be provided when the client's system clock is not accurately set.
  • the requester downloads the CRL from the directory server 4 and decodes it (S 1 and S 2 ).
  • the requester extracts available time information of the CRL from the CRL and current time information, or a Tcurrent value, from the client, respectively (S 3 and S 4 ).
  • the requester determines whether the Tcurrent value is present between thisUpdate and nextUpdate values, namely, thisUpdate ⁇ Tcurrent ⁇ nextupdate (S 5 ). If the Tcurrent value is not present between the thisUpdate and nextUpdate values, the requester recognizes that the verification of the certificate validity ends in failure (S 6 ); otherwise, it extracts a revoked certificates structure from the CRL (S 7 ). Then, the requester determines whether a desired certificate is present in the extracted revoked certificates structure (S 8 ). If the desired certificate is not present in the extracted revoked certificates structure, the requester recognizes that it was abrogated (S 9 ). However, in the case where the desired certificate is present in the extracted revoked certificates structure, the requester recognizes that it is valid (S 10 ).
  • the present invention provides a method which is effectively connected with a nonrepudiation service to objectively certify that a specific document has existed at a predetermined point of time.
  • the present method provides a time stamping service for providing objectively reliable standard time information to a requester so that a client's system clock can be set on the basis of the standard time information. Therefore, the reliability and objectivity of the client's system clock can be assured.
  • the present method is effectively connected with a public key infrastructure-based security service to overcome security service obstacles resulting from an inaccurate system clock of a client.

Abstract

A method of providing a time stamping service for setting a client's system clock, wherein the client's system clock can be set to reliable standard time. Whether the client's system clock has been accurately set is one of the preconditions for the smooth provision of a public key infrastructure-based security service. A service provider providing the public key infrastructure-based security service safely receives reference time information from an objectively reliable third-party system, sets the client's system clock on the basis of the received reference time information and provides the security service on the basis of the set client's system clock. Therefore, the service provider can smoothly provide the security service while assuring the accuracy and reliability of the client's system clock. Further, the smooth provision of the security service can reduce the number of petitions from clients to the security service, thereby increasing the quality of the security service.

Description

    BACKGROUND OF THE INVENTION
  • 1. Field of the Invention [0001]
  • The present invention relates in general to an information security field, and more particularly to a method of providing a time stamping service for setting a client's system clock, wherein a service provider providing a public key infrastructure-based security service safely receives reference time information from a reliable third-party system and re-sets the client's system clock on the basis of the received reference time information, so as to assure the reliability of the client's system clock. [0002]
  • 2. Description of the Prior Art [0003]
  • Recently, communication companies such as Korea Telecom have provided a public key infrastructure (PKI)-based security service together with an electronic data interchange (EDI) service for national pensions, electronic prescriptions, etc. [0004]
  • However, the PKI-based security service requires accuracy of time for verification of a certificate, but may not be normally provided due to time errors of a client, resulting in the leakage of incomings. [0005]
  • The main object of a typical time stamping service is to certify that a specific document has existed at a predetermined point of time and thus guarantee the accuracy of time. [0006]
  • For this reason, related documents have not referred to mechanisms for applying the time stamping service to the setting of a system clock of a client. [0007]
  • For the validity verification of a certificate using a certificate revocation list in connection with the public key infrastructure-based security service, there is no conclusion defined for a source of local time information as a benchmark for the validity verification and how to download the local time information from the source. [0008]
  • As a result, a system clock of a client employing the security service is generally used as the local time information. Provided that the system clock of the client is inaccurate, the security service will not be provided in spite of the fact that the certificate revocation list and certificate are valid. [0009]
    • SUMMARY OF THE INVENTION
  • Therefore, the present invention has been made in view of the above problems, and it is an object of the present invention to provide a method of providing a time stamping service for setting a client's system clock, which is capable of adding/defining new services to predefined time stamp specifications for the setting of the client's system clock, modifying structures of TimeStampReq and TimeStampResp messages according to the service addition/definition, receiving time information from an objectively reliable time stamp using the modified message structures, and re-setting the client's system clock on the basis of the received time information. [0010]
  • In accordance with the present invention, the above and other objects can be accomplished by the provision of a method of providing a time stamping service for setting a client's system clock, comprising the first step of requesting the time stamping service of a time stamp authority server by a service requester; the second step of receiving the time stamping service request from the requester and creating and sending a response message corresponding thereto by the time stamp authority server; the third step of receiving the response message sent from the time stamp authority server and verifying the integrity thereof by the requester; the fourth step of downloading a certificate revocation list from a directory server and verifying the validity thereof by the requester; and the fifth step of downloading a certificate for an electronic signature of the time stamp authority server from the directory server, verifying an electronic signature value thereof and setting the client's system clock in accordance with the verified result by the requester. [0011]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The above and other objects, features and advantages of the present invention will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which: [0012]
  • FIG. 1 is a block diagram showing a hardware architecture for execution of a method of providing a time stamping service for setting a client's system clock in accordance with the present invention; [0013]
  • FIGS. 2[0014] a to 2 c are flowcharts illustrating the method of providing the time stamping service for setting the client's system clock in accordance with the present invention; and
  • FIG. 3 is a flowchart illustrating a procedure of verifying the validity of a certificate revocation list in accordance with the present invention.[0015]
    • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • With reference to FIG. 1, there is shown in block form a hardware architecture for execution of a method of providing a time stamping service for setting a client's system clock in accordance with the present invention. In this drawing, the [0016] reference numerals 1 and 2 denote first and second clients requesting time information, respectively. The first client 1 has a personal computer (PC) environment, and the second client 2 has a UNIX environment. A time stamp authority (TSA) server 3 is operable in a UNIX-based system to provide reliable time information. A directory server 4 is adapted to manage certificates for electronic signatures of the TSA server 3. This server 4 is one of unit systems for constructing a public key infrastructure, and manages certificates of all objects and a certificate revocation list. The Internet 5 is a fundamental communication network among the first and second clients 1 and 2, TSA server 3 and directory server 4, and is based on a transmission control protocol/Internet protocol (TCP/IP) network or a telephone accessing network such as a point-to-point protocol (PPP) network.
  • A description will hereinafter be given of the operation of the present invention under the above-stated hardware architecture with reference to FIGS. 2[0017] a to 2 c.
  • FIGS. 2[0018] a to 2 c are flowcharts illustrating the method of providing the time stamping service for setting the client's system clock in accordance with the present invention. This method basically comprises five steps.
  • Namely, the present method comprises the first step of requesting the time stamping service of the [0019] TSA server 3 by a service requester, the second step of receiving the time stamping service request from the requester and creating and sending a response message corresponding thereto by the TSA server 3, the third step of receiving the response message sent from the TSA server 3 and verifying the integrity thereof by the requester, the fourth step of downloading a certificate revocation list from the directory server 4 and verifying the validity thereof by the requester, and the fifth step of downloading a certificate for an electronic signature of the TSA server 3 from the directory server 4, verifying an electronic signature value thereof and setting a system clock of the client 1 or 2 in accordance with the verified result by the requester.
  • The first step is composed of steps S[0020] 21 to S23 in FIG. 2a.
  • At the first step, the requester first generates a random number with a given value and sets it as a nonce value of a service request message, or TimeStampReq message (S[0021] 21).
  • In order to inform the time stamp authority server that the service request is for the setting of the client's system clock, the requester sets a requestType parameter of the TimeStampReq message, defined in the present invention, to [0022] 2, or a getBaseTime value, and adds the resulting structure to an extension field of the TimeStampReq message (S22).
  • Subsequently, the requester fills other parameters of the TimeStampReq message with given values and then sends the resulting TimeStampReq message to the TSA server [0023] 3 (S23).
  • The second step is composed of S[0024] 24 to S28 in FIG. 2a.
  • Namely, the second step includes a sequence of steps processed by the [0025] TSA server 3. At the second step, the TSA server 3 first receives a service request message, or TimeStampReq message, sent from the requester (S24).
  • Then, the [0026] TSA server 3 authenticates and verifies the received TimeStampReq message (S25).
  • If there is an error at the above step S[0027] 25, the TSA server 3 processes the received TimeStampReq message as an erroneous message, sends the processed result to the requester and ends the corresponding process.
  • However, if there is no error at the above step S[0028] 25, the TSA server 3 fills parameters of the response message, or TimeStampResp message, with given values (S26).
  • In order to assure the integrity of the response message, the [0029] TSA server 3 extracts a TSTInfo structure from a TimeStampResp message structure created at the above step S26 and, in turn, current time information, or a genTime value, from the extracted TSTInfo structure, calculates a message authentication code (MAC) value on the basis of the extracted genTime value and a nonce value, set by the requester and contained in the TimeStampReq message, and then sets the calculated MAC value and identifier information of an algorithm used for the calculation of the MAC value respectively in corresponding fields of a MacInfo structure proposed in the present invention (S27).
  • Subsequently, the [0030] TSA server 3 adds the resulting MacInfo structure to an extension field of the TSTInfo structure and thus completes the creation of the TimeStampResp message structure proposed in the present invention.
  • Thereafter, the [0031] TSA server 3 sends the response message, or TimeStampResp message, created through the above steps to the requester (S28).
  • The third step is composed of S[0032] 29 to S34 in FIG. 2b.
  • At the third step, the requester first receives the response message, or TimeStampResp message, sent from the TSA server [0033] 3 (S29) and authenticates and verifies the received response message (S30).
  • If there is an error such as an ASN.1 NOTATION error at the above step S[0034] 30, the requester processes the received response message as an erroneous message.
  • If there is no error at the above step S[0035] 30, the lower-order steps beginning with step S31 are performed. That is, the requester extracts a TSTInfo structure from the TimeStampResp message and directly calculates a MAC value to check the integrity of the TimeStampResp message (S31).
  • For the calculation of the MAC value at the above step S[0036] 31, the requester first extracts current time information, or a genTime value, from the extracted TSTInfo structure and finds a nonce value, set by the requester and sent to the time stamp authority server.
  • The requester directly calculates a MAC value on the basis of the extracted genTime value and the found nonce value. [0037]
  • Then, the requester verifies the calculated MAC value to check whether the integrity of the received response message has been assured. [0038]
  • For the integrity verification, the requester first extracts a MacInfo structure proposed in the present invention from the TimeStampResp message sent from the time stamp authority server and, in turn, a MAC value from the extracted MacInfo structure and then compares the extracted MAC value with the MAC value calculated at the above step S[0039] 31 to determine whether the two MAC values are equal (S32).
  • If the two MAC values are not equal at the above step S[0040] 32, the requester recognizes that the current time information, or the genTime value, sent from the TSA server 3 was altered during the sending (S33) and the system clock of the client 1 or 2 cannot thus be set because the integrity of the received response message has not been assured. As a result, the requester processes the received response message as an erroneous message (S34).
  • To the contrary, in the case where the two MAC values are equal at the above step S[0041] 32, the requester recognizes that the integrity of the received response message has been assured and thus performs the following fourth step.
  • The fourth step is composed of S[0042] 35 to S37 in FIG. 2b.
  • At the fourth step, the requester first downloads the certificate revocation list (CRL) and the certificate for the electronic signature of the [0043] TSA server 3 from the directory server 4, which manages certificates of all objects and the certificate revocation list (S35).
  • In order to verify the validity of the certificate revocation list downloaded from the [0044] directory server 4 on the basis of a genTime value contained in the response message sent from the TSA server 3, the requester extracts time information set to thisUpdate and nextupdate values from the certificate revocation list (S36).
  • Then, the requester determines whether the genTime value is present between the thisUpdate and nextUpdate values, so as to determine whether the certificate revocation list is valid (S[0045] 37).
  • Upon determining at the above step S[0046] 37 that the certificate revocation list is not valid, the requester recognizes that a signature value sent from the TSA server 3 (contained in a signature value field of a SignerInfo structure) cannot be verified (S38) and the system clock of the client 1 or 2 cannot thus be set. As a result, the requester performs an associated error process (S39).
  • However, if the CRL is valid at the above step S[0047] 37, the requester proceeds to the fifth step.
  • The fifth step is composed of steps S[0048] 40-S51 in FIG. 2c.
  • At the fifth step, the requester finally determines whether a genTime value sent from the [0049] TSA server 3 is reliable, by verifying a signature value sent from the TSA server 3.
  • First, in order to verify the validity of the certificate for the electronic signature of the [0050] TSA server 3, the requester extracts desired information (S40) from the certificate of the TSA server 3 and checks whether a serial number of the certificate of the TSA server 3 among the extracted information is present in the certificate revocation list (S41).
  • In the case where the serial number of the certificate of the [0051] TSA server 3 is present in the certificate revocation list at the above step S41, the requester recognizes that the signature value sent from the TSA server 3 cannot be verified and the system clock of the client 1 or 2 cannot thus be set, and then performs an associated error process (S42 and S43).
  • To the contrary, if the serial number of the certificate of the [0052] TSA server 3 is not present in the certificate revocation list at the above step S41, the requester performs a pre-process for the verification of the signature value sent from the TSA server 3.
  • Namely, the requester extracts a public key from the certificate for the electronic signature of the [0053] TSA server 3, downloaded from the directory server 4.
  • Then, the requester extracts the signature value from a SignerInfo structure of the TimeStampResp message, decodes the extracted signature value using the extracted public key and extracts a hash value (referred to hereinafter as M1), or a digest value, from the decoded result (S[0054] 44).
  • Thereafter, the requester directly calculates a hash value (referred to hereinafter as M2) using a digest algorithm of the SignerInfo structure (S[0055] 45).
  • Subsequently, the requester compares the two hash values, or M1 and M2, with each other to determine whether they are equal (S[0056] 46). If M1 and M2 are not equal, the requester recognizes that the time stamp authority server sending the TimeStampResp message is not valid and the client's system clock cannot thus be set, and then performs an associated error process (S47 and S48).
  • However, if M1=M2, the requester recognizes that the [0057] TSA server 3 sending the TimeStampResp message is valid (S49).
  • Then, the requester sets the client's system clock on the basis of a genTime value extracted from the TimeStampResp message (S[0058] 50) and then performs the subsequent service (S51).
  • FIG. 3 is a flowchart illustrating a procedure of verifying the validity of a certificate revocation list in accordance with the present invention. Through a sequence of steps in FIG. 3, the PKI-based security service cannot be provided when the client's system clock is not accurately set. First, the requester downloads the CRL from the [0059] directory server 4 and decodes it (S1 and S2).
  • Then, the requester extracts available time information of the CRL from the CRL and current time information, or a Tcurrent value, from the client, respectively (S[0060] 3 and S4).
  • Thereafter, the requester determines whether the Tcurrent value is present between thisUpdate and nextUpdate values, namely, thisUpdate <Tcurrent < nextupdate (S[0061] 5). If the Tcurrent value is not present between the thisUpdate and nextUpdate values, the requester recognizes that the verification of the certificate validity ends in failure (S6); otherwise, it extracts a revoked certificates structure from the CRL (S7). Then, the requester determines whether a desired certificate is present in the extracted revoked certificates structure (S8). If the desired certificate is not present in the extracted revoked certificates structure, the requester recognizes that it was abrogated (S9). However, in the case where the desired certificate is present in the extracted revoked certificates structure, the requester recognizes that it is valid (S10).
  • As apparent from the above description, the present invention provides a method which is effectively connected with a nonrepudiation service to objectively certify that a specific document has existed at a predetermined point of time. The present method provides a time stamping service for providing objectively reliable standard time information to a requester so that a client's system clock can be set on the basis of the standard time information. Therefore, the reliability and objectivity of the client's system clock can be assured. [0062]
  • Further, the present method is effectively connected with a public key infrastructure-based security service to overcome security service obstacles resulting from an inaccurate system clock of a client. [0063]
  • Although the preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims. [0064]

Claims (6)

What is claimed is:
1. A method of providing a time stamping service for setting a client's system clock, comprising the steps of:
a) requesting the time stamping service of a time stamp authority server by a service requester;
b) receiving the time stamping service request from said requester and creating and sending a response message corresponding thereto by said time stamp authority server;
c) receiving the response message sent from said time stamp authority server and verifying the integrity thereof by said requester;
d) downloading a certificate revocation list from a directory server and verifying the validity thereof by said requester; and
e) downloading a certificate for an electronic signature of said time stamp authority server from said directory server, verifying an electronic signature value thereof and setting the client's system clock in accordance with the verified result by said requester.
2. The method as set forth in claim 1, wherein said step a) includes the steps of:
a-1) generating a random number with a given value and setting it as a nonce value of a service request message (TimeStampReq);
a-2) setting a requestType parameter of said TimeStampReq message to a getBaseTime value and adding the resulting structure to an extension field of said TimeStampReq message to inform said time stamp authority server that the service request is for the setting of said client's system clock; and
a-3) filling other parameters of said TimeStampReq message with given values and sending the resulting TimeStampReq message to said time stamp authority server.
3. The method as set forth in claim 1, wherein said step b) includes the steps of:
b-1) receiving a service request message (TimeStampReq) sent from said requester and authenticating and verifying the received TimeStampReq message;
b-2) if there is an error at said step b-1), processing the received TimeStampReq message as an erroneous message, sending the processed result to said requester and ending the corresponding process;
b-3) if there is no error at said step b-1), filling parameters of the response message (TimeStampResp) with given values;
b-4) extracting a TSTInfo structure from a TimeStampResp message structure created at said b-3) and, in turn, current time information (a genTime value) from the extracted TSTInfo structure, calculating a message authentication code (MAC) value on the basis of the extracted genTime value and a nonce value, set by said requester and contained in said TimeStampReq message, and setting the calculated MAC value and identifier information of an algorithm used for the calculation of the MAC value respectively in corresponding fields of a MacInfo structure to assure the integrity of said response message;
b-5) adding the resulting MacInfo structure to an extension field of said TSTInfo structure and thus completing the creation of said TimeStampResp message structure; and
b-6) sending the completed response message (TimeStampResp) to said requester.
4. The method as set forth in claim 1, wherein said step c) includes the steps of:
c-1) receiving the response message (TimeStampResp) sent from said time stamp authority server and authenticating and verifying the received response message;
c-2) extracting a TSTInfo structure from said TimeStampResp message and, in turn, current time information (a genTime value) from the extracted TSTInfo structure, finding a nonce value, set by said requester and sent to said time stamp authority server, and directly calculating a message authentication code (MAC) value on the basis of the extracted genTime value and the found nonce value to check the integrity of said TimeStampResp message;
c-3) extracting a MacInfo structure from said TimeStampResp message sent from said time stamp authority server and, in turn, a MAC value from the extracted MacInfo structure and comparing the extracted MAC value with said MAC value calculated at said step c-2) to determine whether the two MAC values are equal; and
c-4) if said two MAC values are not equal, recognizing that the current time information (genTime value) sent from said time stamp authority server was altered during the sending and said client's system clock cannot thus be set and then processing the received response message as an erroneous message, and if said two MAC values are equal, recognizing that the integrity of the received response message has been assured.
5. The method as set forth in claim 1, wherein said step d) includes the steps of:
d-1) downloading said certificate revocation list and said certificate for the electronic signature of said time stamp authority server from said directory server managing certificates of all objects and said certificate revocation list;
d-2) extracting time information set to thisUpdate and nextupdate values from said certificate revocation list downloaded from said directory server, so as to verify the validity of said certificate revocation list on the basis of a genTime value contained in the response message sent from said time stamp authority server; and
d-3) determining whether said genTime value is present between said thisUpdate and nextupdate values, so as to determine whether said certificate revocation list is valid, and if said certificate revocation list is not valid, recognizing that a signature value sent from said time stamp authority server cannot be verified and said client's system clock cannot thus be set and then performing an associated error process.
6. The method as set forth in claim 1, wherein said step e) includes the steps of:
e-1) extracting desired information from said certificate for the electronic signature of said time stamp authority server and checking whether a serial number of said certificate of said time stamp authority server among the extracted information is present in said certificate revocation list, so as to verify the validity of said certificate;
e-2) if the serial number of said certificate of said time stamp authority server is present in said certificate revocation list, recognizing that said client's system clock cannot be set and then performing an associated error process;
e-3) extracting a public key from said certificate of said time stamp authority server if the serial number of said certificate is not present in said certificate revocation list;
e-4) extracting a signature value from a SignerInfo structure of said TimeStampResp message, decoding the extracted signature value using the extracted public key, extracting a first hash value from the decoded result and directly calculating a second hash value using a digest algorithm of said SignerInfo structure;
e-5) comparing said first and second hash values with each other to determine whether they are equal, if said first and second hash values are not equal, recognizing that said time stamp authority server sending said TimeStampResp message is not valid and then performing an associated error process, and if said first and second hash values are equal, recognizing that said time stamp authority server sending said TimeStampResp message is valid; and
e-6) setting said client's system clock on the basis of a genTime value extracted from said TimeStampResp message.
US09/774,285 2000-11-20 2001-01-30 Method of providing time stamping service for setting client's system clock Expired - Lifetime US6915423B2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR2000-68897 2000-11-20
KR1020000068897A KR20010008268A (en) 2000-11-20 2000-11-20 A new time stamping service for setting client's system clock

Publications (2)

Publication Number Publication Date
US20020062443A1 true US20020062443A1 (en) 2002-05-23
US6915423B2 US6915423B2 (en) 2005-07-05

Family

ID=19700013

Family Applications (1)

Application Number Title Priority Date Filing Date
US09/774,285 Expired - Lifetime US6915423B2 (en) 2000-11-20 2001-01-30 Method of providing time stamping service for setting client's system clock

Country Status (2)

Country Link
US (1) US6915423B2 (en)
KR (1) KR20010008268A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006022667A1 (en) * 2004-08-02 2006-03-02 International Business Machines Method for guaranteeing freshness of results for queries against a non-secure data store
US20060117185A1 (en) * 2004-11-30 2006-06-01 Kyocera Mita Corporation Timestamp administration system and image forming apparatus
WO2006128747A1 (en) * 2005-05-31 2006-12-07 Siemens Aktiengesellschaft Method for transmitting and verifying synchronization messages
CN102594803A (en) * 2012-01-18 2012-07-18 深圳市文鼎创数据科技有限公司 Method for realizing time synchronization of information safety equipment and server
US20160028679A1 (en) * 2014-07-25 2016-01-28 Microsoft Corporation Error correction for interactive message exchanges using summaries
US20170338966A1 (en) * 2016-05-18 2017-11-23 Apple Inc. eUICC SECURE TIMING AND CERTIFICATE REVOCATION
US10069839B2 (en) * 2016-02-11 2018-09-04 Microsoft Technology Licensing, Llc Determine approximate current time on a client using secure protocol metadata

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100837754B1 (en) * 2001-12-05 2008-06-13 주식회사 케이티 Apparatus for Time and Contents Stamping for Electronic Notes and Method Thereof
JP2003323357A (en) * 2002-05-08 2003-11-14 Hitachi Ltd Time stamp generation system
KR100925638B1 (en) * 2002-06-27 2009-11-06 주식회사 케이티 System and method for providing verification service of time stamping tokens
KR100908378B1 (en) * 2002-06-28 2009-07-20 주식회사 케이티 Timestamp Service Method Using Agent
FR2849248B1 (en) * 2002-12-20 2005-06-24 Oberthur Card Syst Sa SECURE ELECTRONIC ENTITY PERMITTING A CERTIFICATION OF TIME
EP1594250A1 (en) * 2004-05-03 2005-11-09 Thomson Licensing Distributed management of a certificate revocation list
JP4434169B2 (en) * 2006-03-30 2010-03-17 ブラザー工業株式会社 Information processing apparatus and program
CN105681470B (en) * 2012-03-29 2018-12-28 北京奇虎科技有限公司 Communication means, server based on hypertext transfer protocol, terminal
US11184176B2 (en) * 2018-09-26 2021-11-23 Guardtime Sa System and method for generating data signatures over non-continuously bidirectional communication channels
CN116318899B (en) * 2023-02-17 2023-10-17 深圳市创势互联科技有限公司 Data encryption and decryption processing method, system, equipment and medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5960083A (en) * 1995-10-24 1999-09-28 Micali; Silvio Certificate revocation system
US6209090B1 (en) * 1997-05-29 2001-03-27 Sol Aisenberg Method and apparatus for providing secure time stamps for documents and computer files
US6230266B1 (en) * 1999-02-03 2001-05-08 Sun Microsystems, Inc. Authentication system and process
US6314517B1 (en) * 1998-04-02 2001-11-06 Entrust Technologies Limited Method and system for notarizing digital signature data in a system employing cryptography based security
US6381696B1 (en) * 1998-09-22 2002-04-30 Proofspace, Inc. Method and system for transient key digital time stamps
US6393566B1 (en) * 1995-07-28 2002-05-21 National Institute Of Standards And Technology Time-stamp service for the national information network
US6728880B1 (en) * 1999-09-17 2004-04-27 Adobe Systems Incorporated Secure time on computers with insecure clocks

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5440633A (en) * 1993-08-25 1995-08-08 International Business Machines Corporation Communication network access method and system
US5717756A (en) * 1995-10-12 1998-02-10 International Business Machines Corporation System and method for providing masquerade protection in a computer network using hardware and timestamp-specific single use keys
US6601172B1 (en) * 1997-12-31 2003-07-29 Philips Electronics North America Corp. Transmitting revisions with digital signatures
JP3515408B2 (en) * 1999-02-15 2004-04-05 日本電信電話株式会社 Time authentication device
JP3726259B2 (en) * 1999-02-18 2005-12-14 日本電信電話株式会社 Public key certificate validity confirmation method, public key certificate validity confirmation device user side device, and recording medium recording public key certificate validity confirmation program
KR20020007860A (en) * 2000-07-19 2002-01-29 백승헌 Method of correcting time in internet and trading time management method using thereof

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6393566B1 (en) * 1995-07-28 2002-05-21 National Institute Of Standards And Technology Time-stamp service for the national information network
US5960083A (en) * 1995-10-24 1999-09-28 Micali; Silvio Certificate revocation system
US6209090B1 (en) * 1997-05-29 2001-03-27 Sol Aisenberg Method and apparatus for providing secure time stamps for documents and computer files
US6314517B1 (en) * 1998-04-02 2001-11-06 Entrust Technologies Limited Method and system for notarizing digital signature data in a system employing cryptography based security
US6381696B1 (en) * 1998-09-22 2002-04-30 Proofspace, Inc. Method and system for transient key digital time stamps
US6230266B1 (en) * 1999-02-03 2001-05-08 Sun Microsystems, Inc. Authentication system and process
US6728880B1 (en) * 1999-09-17 2004-04-27 Adobe Systems Incorporated Secure time on computers with insecure clocks

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006022667A1 (en) * 2004-08-02 2006-03-02 International Business Machines Method for guaranteeing freshness of results for queries against a non-secure data store
US20060117185A1 (en) * 2004-11-30 2006-06-01 Kyocera Mita Corporation Timestamp administration system and image forming apparatus
WO2006128747A1 (en) * 2005-05-31 2006-12-07 Siemens Aktiengesellschaft Method for transmitting and verifying synchronization messages
CN102594803A (en) * 2012-01-18 2012-07-18 深圳市文鼎创数据科技有限公司 Method for realizing time synchronization of information safety equipment and server
US20160028679A1 (en) * 2014-07-25 2016-01-28 Microsoft Corporation Error correction for interactive message exchanges using summaries
US9686221B2 (en) * 2014-07-25 2017-06-20 Microsoft Technology Licensing, Llc Error correction for interactive message exchanges using summaries
US10069839B2 (en) * 2016-02-11 2018-09-04 Microsoft Technology Licensing, Llc Determine approximate current time on a client using secure protocol metadata
US20170338966A1 (en) * 2016-05-18 2017-11-23 Apple Inc. eUICC SECURE TIMING AND CERTIFICATE REVOCATION
US10764066B2 (en) * 2016-05-18 2020-09-01 Apple Inc. EUICC secure timing and certificate revocation

Also Published As

Publication number Publication date
US6915423B2 (en) 2005-07-05
KR20010008268A (en) 2001-02-05

Similar Documents

Publication Publication Date Title
US6915423B2 (en) Method of providing time stamping service for setting client&#39;s system clock
US8078866B2 (en) Trust information delivery scheme for certificate validation
US7461250B1 (en) System and method for certificate exchange
Myers et al. X. 509 Internet public key infrastructure online certificate status protocol-OCSP
RU2434340C2 (en) Infrastructure for verifying biometric account data
Myers et al. RFC2560: X. 509 Internet public key infrastructure online certificate status protocol-OCSP
US11831790B2 (en) Systems and methods for automated certificate renewal management
CN111224788B (en) Electronic contract management method, device and system based on block chain
CN111683090A (en) Block chain digital signature method and device based on distributed storage
US7849308B2 (en) Data generating device and control method thereof, data analyzing device and control method thereof, data processing system, program and machine-readable storage medium
TWI773161B (en) Digital signature private key verification method
US20030009662A1 (en) Password exposure elimination for digital signature coupling with a host identity
GB2391438A (en) Electronic sealing for electronic transactions
CN112182009B (en) Block chain data updating method and device and readable storage medium
Berbecaru et al. Security aspects in standard certificate revocation mechanisms: a case study for OCSP
JP4071474B2 (en) Expiration confirmation device and method
CN106375340B (en) Method and system for improving certificate verification security
Jeun et al. A best practice for root ca key update in pki
CN116189340A (en) Entrance guard management method, system, device and medium based on PKI security authentication
CN115834071A (en) Automatic electronic seal updating method and system
Bechlaghem Light-weight PKI-Enabling through the Service of a Central Signature Server
EP1387551A1 (en) Electronic sealing for electronic transactions
EP1868315A1 (en) Cryptographic computer-implemented method for processing a digital signature and information processing apparatus therefor.
Malpani et al. Network Working Group M. Myers Request for Comments: 2560 VeriSign Category: Standards Track R. Ankney CertCo
JP2005101821A (en) Method for confirming certificate expiration state and terminal

Legal Events

Date Code Title Description
AS Assignment

Owner name: KOREA TELECOM, KOREA, REPUBLIC OF

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:LIM, YOUNG-SOOK;KANG, KYUNG-HEE;LEE, SEUNG-JAE;REEL/FRAME:011922/0313

Effective date: 20010126

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

FPAY Fee payment

Year of fee payment: 12